There seems to be a good amount of overlap here with what's proposed in the SOA auth RFC. The difference seems to be that this proposal aims to build a new authentication layer inside of MediaWiki, while the SOA auth proposal aims to protect sensitive user data and provide authentication APIs that can be used by other services as well.
Could you say something about how you plan to address those issues?